summaryrefslogtreecommitdiffstats
path: root/libjava/classpath/gnu/javax/crypto/keyring/PasswordEncryptedEntry.java
diff options
context:
space:
mode:
Diffstat (limited to 'libjava/classpath/gnu/javax/crypto/keyring/PasswordEncryptedEntry.java')
-rw-r--r--libjava/classpath/gnu/javax/crypto/keyring/PasswordEncryptedEntry.java174
1 files changed, 83 insertions, 91 deletions
diff --git a/libjava/classpath/gnu/javax/crypto/keyring/PasswordEncryptedEntry.java b/libjava/classpath/gnu/javax/crypto/keyring/PasswordEncryptedEntry.java
index 26b4032bdfb..00031cbf1bb 100644
--- a/libjava/classpath/gnu/javax/crypto/keyring/PasswordEncryptedEntry.java
+++ b/libjava/classpath/gnu/javax/crypto/keyring/PasswordEncryptedEntry.java
@@ -38,11 +38,12 @@ exception statement from your version. */
package gnu.javax.crypto.keyring;
+import gnu.java.security.Configuration;
import gnu.java.security.Registry;
import gnu.java.security.prng.IRandom;
import gnu.java.security.prng.LimitReachedException;
+import gnu.java.security.util.PRNG;
import gnu.java.security.util.Util;
-
import gnu.javax.crypto.cipher.CipherFactory;
import gnu.javax.crypto.cipher.IBlockCipher;
import gnu.javax.crypto.mode.IMode;
@@ -58,41 +59,28 @@ import java.io.ByteArrayOutputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.IOException;
-
import java.security.InvalidKeyException;
-import java.security.SecureRandom;
-
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.Date;
-import java.util.Iterator;
import java.util.HashMap;
-import java.util.List;
+import java.util.Iterator;
+import java.util.logging.Logger;
/**
* An envelope that is encrypted with a password-derived key.
*/
-public class PasswordEncryptedEntry extends MaskableEnvelopeEntry implements
- PasswordProtectedEntry, Registry
+public class PasswordEncryptedEntry
+ extends MaskableEnvelopeEntry
+ implements PasswordProtectedEntry, Registry
{
-
- // Constants and fields.
- // ------------------------------------------------------------------------
-
+ private static final Logger log = Logger.getLogger(PasswordEncryptedEntry.class.getName());
public static final int TYPE = 1;
- // Constructors.
- // ------------------------------------------------------------------------
-
public PasswordEncryptedEntry(String cipher, String mode, int keylen,
Properties properties)
{
super(TYPE, properties);
if ((cipher == null || cipher.length() == 0)
|| (mode == null || mode.length() == 0))
- {
- throw new IllegalArgumentException("cipher nor mode can be empty");
- }
+ throw new IllegalArgumentException("cipher nor mode can be empty");
this.properties.put("cipher", cipher);
this.properties.put("mode", mode);
this.properties.put("keylen", String.valueOf(keylen));
@@ -105,9 +93,6 @@ public class PasswordEncryptedEntry extends MaskableEnvelopeEntry implements
setMasked(true);
}
- // Class methods.
- // ------------------------------------------------------------------------
-
public static PasswordEncryptedEntry decode(DataInputStream in,
char[] password)
throws IOException
@@ -132,49 +117,57 @@ public class PasswordEncryptedEntry extends MaskableEnvelopeEntry implements
return entry;
}
- // Instance methods.
- // ------------------------------------------------------------------------
-
public void decrypt(char[] password) throws IllegalArgumentException,
WrongPaddingException
{
- if (!isMasked() || payload == null)
+ if (Configuration.DEBUG)
+ log.entering(this.getClass().getName(), "decrypt");
+ if (isMasked() && payload != null)
{
- return;
- }
- IMode mode = getMode(password, IMode.DECRYPTION);
- IPad padding = PadFactory.getInstance("PKCS7");
- padding.init(mode.currentBlockSize());
- byte[] buf = new byte[payload.length];
- int count = 0;
- for (int i = 0; i < payload.length; i++)
- {
- mode.update(payload, count, buf, count);
- count += mode.currentBlockSize();
- }
- int padlen = padding.unpad(buf, 0, buf.length);
- DataInputStream in = new DataInputStream(
- new ByteArrayInputStream(
- buf,
- 0,
- buf.length
- - padlen));
- try
- {
- decodeEnvelope(in);
- }
- catch (IOException ioe)
- {
- throw new IllegalArgumentException("decryption failed");
+ long tt = -System.currentTimeMillis();
+ IMode mode = getMode(password, IMode.DECRYPTION);
+ IPad padding = PadFactory.getInstance("PKCS7");
+ padding.init(mode.currentBlockSize());
+ byte[] buf = new byte[payload.length];
+ int count = 0;
+ while (count + mode.currentBlockSize() <= payload.length)
+ {
+ mode.update(payload, count, buf, count);
+ count += mode.currentBlockSize();
+ }
+ int padlen = padding.unpad(buf, 0, buf.length);
+ setMasked(false);
+ int len = buf.length - padlen;
+ ByteArrayInputStream baos = new ByteArrayInputStream(buf, 0, len);
+ DataInputStream in = new DataInputStream(baos);
+ try
+ {
+ decodeEnvelope(in);
+ }
+ catch (IOException ioe)
+ {
+ throw new IllegalArgumentException("decryption failed");
+ }
+ tt += System.currentTimeMillis();
+ log.fine("Decrypted in " + tt + "ms.");
}
- setMasked(false);
- payload = null;
+ else if (Configuration.DEBUG)
+ log.fine("Skip decryption; " + (isMasked() ? "null payload" : "unmasked"));
+ if (Configuration.DEBUG)
+ log.exiting(this.getClass().getName(), "decrypt");
}
public void encrypt(char[] password) throws IOException
{
+ if (Configuration.DEBUG)
+ log.entering(this.getClass().getName(), "encrypt", String.valueOf(password));
+ long tt = -System.currentTimeMillis();
+ long t1 = -System.currentTimeMillis();
byte[] salt = new byte[8];
- new SecureRandom ().nextBytes (salt);
+ PRNG.getInstance().nextBytes(salt);
+ t1 += System.currentTimeMillis();
+ if (Configuration.DEBUG)
+ log.fine("-- Generated salt in " + t1 + "ms.");
properties.put("salt", Util.toString(salt));
IMode mode = getMode(password, IMode.ENCRYPTION);
IPad pad = PadFactory.getInstance("PKCS7");
@@ -184,7 +177,13 @@ public class PasswordEncryptedEntry extends MaskableEnvelopeEntry implements
for (Iterator it = entries.iterator(); it.hasNext();)
{
Entry entry = (Entry) it.next();
+ if (Configuration.DEBUG)
+ log.fine("-- About to encode one " + entry);
+ t1 = -System.currentTimeMillis();
entry.encode(out2);
+ t1 += System.currentTimeMillis();
+ if (Configuration.DEBUG)
+ log.fine("-- Encoded an Entry in " + t1 + "ms.");
}
byte[] plaintext = bout.toByteArray();
byte[] padding = pad.pad(plaintext, 0, plaintext.length);
@@ -200,6 +199,13 @@ public class PasswordEncryptedEntry extends MaskableEnvelopeEntry implements
count += mode.currentBlockSize();
}
mode.update(lastBlock, 0, payload, count);
+ setMasked(true);
+ tt += System.currentTimeMillis();
+ if (Configuration.DEBUG)
+ {
+ log.fine("Encrypted in " + tt + "ms.");
+ log.exiting(this.getClass().getName(), "encrypt");
+ }
}
public void encode(DataOutputStream out, char[] password) throws IOException
@@ -212,60 +218,46 @@ public class PasswordEncryptedEntry extends MaskableEnvelopeEntry implements
{
if (payload == null)
{
+ if (Configuration.DEBUG)
+ log.fine("Null payload: " + this);
throw new IllegalStateException("not encrypted");
}
}
- // Own methods.
- // ------------------------------------------------------------------------
-
private IMode getMode(char[] password, int state)
{
String s = properties.get("salt");
if (s == null)
- {
- throw new IllegalArgumentException("no salt");
- }
+ throw new IllegalArgumentException("no salt");
byte[] salt = Util.toBytesFromString(s);
IBlockCipher cipher = CipherFactory.getInstance(properties.get("cipher"));
if (cipher == null)
- {
- throw new IllegalArgumentException("no such cipher: "
- + properties.get("cipher"));
- }
+ throw new IllegalArgumentException("no such cipher: "
+ + properties.get("cipher"));
int blockSize = cipher.defaultBlockSize();
if (properties.containsKey("block-size"))
- {
- try
- {
- blockSize = Integer.parseInt(properties.get("block-size"));
- }
- catch (NumberFormatException nfe)
- {
- throw new IllegalArgumentException("bad block size: "
- + nfe.getMessage());
- }
- }
- IMode mode = ModeFactory.getInstance(properties.get("mode"), cipher,
- blockSize);
+ try
+ {
+ blockSize = Integer.parseInt(properties.get("block-size"));
+ }
+ catch (NumberFormatException nfe)
+ {
+ throw new IllegalArgumentException("bad block size: "
+ + nfe.getMessage());
+ }
+ String modeName = properties.get("mode");
+ IMode mode = ModeFactory.getInstance(modeName, cipher, blockSize);
if (mode == null)
- {
- throw new IllegalArgumentException("no such mode: "
- + properties.get("mode"));
- }
-
+ throw new IllegalArgumentException("no such mode: " + modeName);
HashMap pbAttr = new HashMap();
pbAttr.put(IPBE.PASSWORD, password);
pbAttr.put(IPBE.SALT, salt);
pbAttr.put(IPBE.ITERATION_COUNT, ITERATION_COUNT);
IRandom kdf = PRNGFactory.getInstance("PBKDF2-HMAC-SHA");
kdf.init(pbAttr);
-
int keylen = 0;
- if (!properties.containsKey("keylen"))
- {
- throw new IllegalArgumentException("no key length");
- }
+ if (! properties.containsKey("keylen"))
+ throw new IllegalArgumentException("no key length");
try
{
keylen = Integer.parseInt(properties.get("keylen"));
@@ -286,7 +278,7 @@ public class PasswordEncryptedEntry extends MaskableEnvelopeEntry implements
}
HashMap modeAttr = new HashMap();
modeAttr.put(IMode.KEY_MATERIAL, dk);
- modeAttr.put(IMode.STATE, new Integer(state));
+ modeAttr.put(IMode.STATE, Integer.valueOf(state));
modeAttr.put(IMode.IV, iv);
try
{
OpenPOWER on IntegriCloud